February 1, 2023
Keynote: We do not share or sell any of your personal data. We are proud to say that we fight for users' privacy and we are strongly committed to this principle and to being as transparent as possible.
Important: Data we collect includes no more than is crucial to provide full functionality of AdGuard VPN services and website. We do not collect anything for tracking purposes and take all necessary measures to protect the information we get.
Who We Are
ADGUARD SOFTWARE LIMITED is a company registered in Nicosia, Cyprus, registered office is at Klimentos 41-43, KLIMENTOS TOWER, Flat/Office 25, 1061, Nicosia, Cyprus and acts as the data controller when processing your data.
What Data We Collect
When you are using our website
Email address and a hash of the password which you use at the registration. That ensures that you can retrieve your password if needed, and that we can communicate with you when we have any announcements to make, service updates to advise or errors to report. You can unsubscribe from our newsletters via AdGuard Account or by clicking “Unsubscribe” button in the newsletter itself.
Billing and payment information. If you purchase a subscription to AdGuard VPN, we’ll need to know your contact details. FYI: we conduct all transactions via Paddle payment provider.
When you are using our software
When you choose to use our app, you thereby accept to provide us your personal data. This data is essential as it helps ensure the full functionality of AdGuard VPN services.
Account. When registering, you need to provide your email address and create a password to initially create a VPN connection. We collect this essential data to provide you with the AdGuard VPN service.
Usage information. It is crucial for a VPN service to understand how much traffic you are using. That is why we collect data about how you interact with our services, how much traffic you’ve used, and for how long have you been using our services.
Diagnostic/Device information. By default we do not collect anything. But if you give your consent, we collect some anonymized diagnostic information (for crash reports) and some information about the device used to access AdGuard VPN. What exact data we collect, depends on the AdGuard VPN product you are using.
How We Use Your Personal Data
We follow EU’s General Data Protection Regulation (“GDPR”) which defines personal data as:
“… any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
When we use terms “personal data" or “personal information”, we mean exactly that.
We retain Personal Data for as long as necessary to continue providing you with our products and services, or until you revoke your consent to share this information.
You have the following rights when it comes to Personal Data:
Export all Personal Data that we hold about you to a local file from the AdGuard Account on my.adguard.com;
Request information about what data about you we store and for how long, and if we didn’t collect it directly from you, you can request information about its source;
Request to correct any incomplete or inaccurate data about you. We will do so as quickly as possible, unless there is a valid reason not to, in which case you will be notified;
Delete all your Personal Data. You can do this at will via AdGuard Account, or by sending a request to firstname.lastname@example.org. In the latter case, we may ask you to verify your identity before fulfilling the request.
We make every possible effort to protect you and your Personal Data from unauthorized access, alteration, disclosure or destruction. We implement and maintain the following technical and security measures:
System Access Controls: We take reasonable measures to prevent Personal Data from being used without authorization. These controls shall vary based on the nature of the processing undertaken and may include, among other controls, authentication via passwords and/or two-factor authentication, documented authorization processes, documented change management processes and/or logging of access on several levels.
Data Access Controls: We take reasonable measures to ensure that Personal Data is accessible and manageable only by properly authorized staff. Direct database query access is restricted and application access rights are established and enforced to ensure that persons entitled to use a data processing system only have access to the Personal Data to which they have privilege of access; and that personal data cannot be read, copied, modified or removed without authorization in the course of processing.
Storing Data in a Data Center: personal information is stored in a data center located in Frankfurt. This is secure: the data center does not demand that we collect any data about your traffic or your use of our products and services. If they request us to start doing so, we will stop working with this provider and find an alternative.
Transmission Controls: We take reasonable measures to ensure that it is possible to check and establish to which entities the transfer of personal data by means of data transmission facilities is envisaged so personal data cannot be read, copied, modified or removed without authorization during electronic transmission or transport.
Input Controls: We take reasonable measures to make it possible to check and establish whether and by whom personal data has been entered into data processing systems, modified or removed.
Data Backup: We regularly back up our databases to protect Personal Data from accidental destruction or loss when hosted by us. The data is also encrypted so that it cannot be used if lost.
Logical Separation: Personal Data is logically segregated on our systems to ensure that Personal Data is collected for different purposes can be processed separately.
Consequences of Not Providing Your Personal Data
You are not obligated to provide your Personal Data to us. However, as this information is required for us to provide you with our services or respond to your enquiries, we will not be able to offer some or all our services without it.
To the extent not prohibited by applicable law, we do not allow the use of our Services, Products and Website by anyone younger than 18 years old. If you learn that anyone younger than 18 has unlawfully provided us with Personal Data, please contact us and we will take steps to delete such information.